MY Apache 2.4 SSL broken (FreeBSD 10.3) - help!

William Dudley wfdudley at gmail.com
Tue Apr 3 13:54:22 UTC 2018 

The EXACT SAME SSLCertificateFile and SSLCertificateKeyFile are specified in
the njsbmwr.dudley.nu.conf file, and that works just fine.

I'm afraid that the package openssl doesn't like certs that are for
multiple domains.

If I can revert to base openssl, I can test this theory trivially.

Bill Dudley


This email is free of malware because I run Linux.

On Tue, Apr 3, 2018 at 3:28 AM, Jack L. <xxjack12xx at gmail.com> wrote:

> installing the openssl package sounds unrelated, are you sure you've
> defined
>
> SSLCertificateFile
> and
> SSLCertificateKeyFile
>
> properly and apache can read those paths? The error
> Error: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no
> certificate
> assigned
>
> means it can't locate your cert
>
> On Mon, Apr 2, 2018 at 4:03 PM, William Dudley <wfdudley at gmail.com> wrote:
> > I'm running FreeBSD 10.3, all patched up using
> > freebsd-update fetch
> > freebsd-update install
> >
> > Because I got this scary warning when upgrading Apache 2.4 (pkg upgrade
> > apache24)
> >
> > Message from apache24-2.4.33:
> >
> > !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> > !! mod_http2 on FreeBSD with OpenSSL from base results in a mostly !!
> > !! functionally unusable module due to lack of "Upgrade"           !!
> > !! capability in OpenSSL 1.0.1.                                    !!
> > !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> >
> > I installed openssl
> >
> > pkg install openssl
> >
> > Now, apache dies if I start it with any of these:
> >
> > <VirtualHost *:443>
> > . . .
> > </VirtualHost>
> >
> > I get this in httpd-error.log:
> >
> > [Mon Apr 02 18:44:00.204869 2018] [ssl:emerg] [pid 82318] AH02572: Failed
> > to configure at least one certificate and key for njsbmwr.org:80
> > [Mon Apr 02 18:44:00.205017 2018] [ssl:emerg] [pid 82318] SSL Library
> > Error: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no
> certificate
> > assigned
> > [Mon Apr 02 18:44:00.205027 2018] [ssl:emerg] [pid 82318] AH02312: Fatal
> > error initialising mod_ssl, exiting.
> >
> > This was a formerly working installation with a handful of letsencrypt
> > certificates.
> >
> > Did the openssl from pkg break this?
> >
> > How do I fix this?
> >
> > Thanks,
> > Bill Dudley
> >
> >
> >
> > This email is free of malware because I run Linux.
> > _______________________________________________
> > freebsd-questions at freebsd.org mailing list
> > https://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to "freebsd-questions-
> unsubscribe at freebsd.org"
>

More information about the freebsd-questions mailing list